Cache Attacks and Rowhammer on ARM

Moritz Lipp

Cache Attacks and Rowhammer on ARM

Moritz Lipp

Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie (7050)

Publikation: Studienabschlussarbeit › Masterarbeit

Abstract

In the last years, mobile devices have become the most important personal computing platforms and, thus, it is especially important to protect sensitive information that is stored and processed on these devices. In this thesis, we discuss the applicability of cache attacks and the rowhammer bug on mobile devices. As these attacks have been considered infeasible on ARM-based devices, we demonstrate how to solve key challenges to mount the most powerful cache attacks Prime+Probe, Flush+Reload, Evict+Reload and Flush+Flush and how to induce bit flips. We show the power of these attacks by implementing a high-performance covert-channel, spying on user input and attacking cryptographic algorithms. Finally, we discuss possible countermeasures.

Originalsprache	englisch
Betreuer/-in / Berater/-in	Gruss, Daniel, Betreuer
Publikationsstatus	Veröffentlicht - 2016

Dieses zitieren

@mastersthesis{210e95ddcf0043acb1fa9c00d8525848,

title = "Cache Attacks and Rowhammer on ARM",

abstract = "In the last years, mobile devices have become the most important personal computing platforms and, thus, it is especially important to protect sensitive information that is stored and processed on these devices. In this thesis, we discuss the applicability of cache attacks and the rowhammer bug on mobile devices. As these attacks have been considered infeasible on ARM-based devices, we demonstrate how to solve key challenges to mount the most powerful cache attacks Prime+Probe, Flush+Reload, Evict+Reload and Flush+Flush and how to induce bit flips. We show the power of these attacks by implementing a high-performance covert-channel, spying on user input and attacking cryptographic algorithms. Finally, we discuss possible countermeasures.",

keywords = "side-channel attacks, cache attacks, rowhammer, mobile platforms, arm, prime+probe, flush+reload, evict+reload, flush+flush, Cross-CPU attack",

author = "Moritz Lipp",

year = "2016",

language = "English",

}

TY - GEN

T1 - Cache Attacks and Rowhammer on ARM

AU - Lipp, Moritz

PY - 2016

Y1 - 2016

N2 - In the last years, mobile devices have become the most important personal computing platforms and, thus, it is especially important to protect sensitive information that is stored and processed on these devices. In this thesis, we discuss the applicability of cache attacks and the rowhammer bug on mobile devices. As these attacks have been considered infeasible on ARM-based devices, we demonstrate how to solve key challenges to mount the most powerful cache attacks Prime+Probe, Flush+Reload, Evict+Reload and Flush+Flush and how to induce bit flips. We show the power of these attacks by implementing a high-performance covert-channel, spying on user input and attacking cryptographic algorithms. Finally, we discuss possible countermeasures.

AB - In the last years, mobile devices have become the most important personal computing platforms and, thus, it is especially important to protect sensitive information that is stored and processed on these devices. In this thesis, we discuss the applicability of cache attacks and the rowhammer bug on mobile devices. As these attacks have been considered infeasible on ARM-based devices, we demonstrate how to solve key challenges to mount the most powerful cache attacks Prime+Probe, Flush+Reload, Evict+Reload and Flush+Flush and how to induce bit flips. We show the power of these attacks by implementing a high-performance covert-channel, spying on user input and attacking cryptographic algorithms. Finally, we discuss possible countermeasures.

KW - side-channel attacks

KW - cache attacks

KW - rowhammer

KW - mobile platforms

KW - arm

KW - prime+probe

KW - flush+reload

KW - evict+reload

KW - flush+flush

KW - Cross-CPU attack

M3 - Master's Thesis

ER -